LMCE has a requirement for it to be the "gateway" , which in my opinion is not the primary function of the home entertainment/automation server. The fact that it is requires 2 NIC's it complicates getting new people starting out with LMCE. If it is going to be the firewall then it needs to be more configurable than it currently is.

We don't need to be discussing what the reasoning for implementing a good firewall is, I just want something that is configurable. LMCE needs to improve it's firewall , or take a step back and remove the requirement for it to be the gateway.

I will give it a go , but won't have much time to allocate to doing it untill late september as i have some projects going on at work at the moment. I am also assuming that by implementing it you would like LMCE to be the gateway and not to remove the 2 NIC requirement.

I'd also like for our OP to share his information and then invite comments about other ideas in this thread.

A singe nic server is possible, but it would add a lot of complexity. LinuxMCE is currently designed to be a gateway and this is probably the simplest design for the LinuxMCE functionality. Perhaps someone else can sketch out how to remove the gateway requirement, but it just seems like it would be a kludge.

So, since our core IS, in fact, a gateway, it seems reasonable that requirements (or at least desires) for typical gateway functionality is at least not absurd. Several *nix distros have millions of fans and their main purpose is to be a good gateway.

merker2k's recent addition of a simple way to review dhcp leases from the web admin is a great step in the right direction, i think. Another quick step may be a simple interface to our firewall to make it more flexible. Further along the path towards robust gateway functionality may be IPS (snort), proxy, content filtering, AV, etc. (I have share a solution before that adds another firewall behind the core.)

And we're all aware both that LinuxMCE is enormously complex and that developer resources and interests are limited. As our developers continue to de-appliance-ize from our Pluto heritage, perhaps the use (and incorporation) of standard (sysadmin) packages with LinuxMCE will be more straightforward and offer less interference.

Also, I understand that non-standard changes to the core adds complexity, breaks things, and generates confusing forum traffic. And so it's helpful if these are documented well. But it also seems that one change at the server is simpler than changes at every client.

My observation is simply that our Core is a gateway and to invite discussion of those inherent requirements.

Also, I understand that non-standard changes to the core adds complexity, breaks things, and generates confusing forum traffic. And so it's helpful if these are documented well.

niz23 has been working with doxygen to get the code base documented for new developers. We're discussing creating a site such as 'doxygen.linuxmce.org' in order to provide a place to have the code documented... We will provide an update once further discussion occurs.

dlewis, much thanks. it is very impressive how much progress we are making on so many fronts!

Thom, we may be agreeing. ;-) LinuxMCE system is appliance-like, self-configuring, etc. And the distinction I was trying to make is that it will be less intertwined with a custom distribution-appliance ala pluto-home. pluto was deeply entangled with the underlying operating system which made it harder to maintain and expand (it had a different audience).

My understanding, and please correct any misunderstanding, is that our target that linuxmce is a standard desktop option distributed as part of kubuntu (and other distros). So, lmce can install on a standard distro (it does now - pluto didn't) and play nice with other standard packages and systems - including some that allow us to leverage existing sysadmin tools without breaking lmce.

My hat is off to all the devs - including those that brought deep and invaluable knowledge from pluto and without whom we wouldn't have the progress we enjoy today. And to all who contribute their talents and time. I remember pluto and acknowledge our history simply to clarify my understanding of our direction.

It's extremely hard to decouple and understand that it's not always a top priority. And progress will allow us to focus on lmce functionality and let the distro give us a great os and complementary tools that we can leverage.

And in a nod to the original topic, I'd like to leverage dansguardian (& other complementary gw functionality). ;-)

I have Dan's guardian set up (I've actually partnered it with Squid and a virus sweeper called HavP) but seeing your config files wouldn't hurt if anyone is having trouble getting all this to play nicely.

Has the shorewall installation affected the MCE install at all? (I.e. as far as you know, has anything been broken?)

Assuming I can duplicate your success, I'll put it on the Wiki (unless someone else gets there first! )

Hi,I haven't tested with Squid but I have configured shorewall and shorewall is working well with MCE with out any problems. But Yesterday I had issues with RAID(broken) I don't think shorewall is anything to do with RAID(mdadm - I have already posted details too). I will post the rest dansguardian.conf and tinyproxy.conf files too and I appreciate if you test from your end before posting in wiki.